From 9273bd8fd3ed7578b7a8cfbf15b965e730e33ce2 Mon Sep 17 00:00:00 2001
From: dashnfschina <dash@nfschina.com>
Date: Fri, 2 Aug 2024 03:13:07 -0400
Subject: [PATCH] fix CVE-2023-46045

---
 graphviz-fix-CVE-2023-46045.patch | 33 +++++++++++++++++++++++++++++++
 graphviz.spec                     |  6 +++++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 graphviz-fix-CVE-2023-46045.patch

diff --git a/graphviz-fix-CVE-2023-46045.patch b/graphviz-fix-CVE-2023-46045.patch
new file mode 100644
index 0000000..1f9593d
--- /dev/null
+++ b/graphviz-fix-CVE-2023-46045.patch
@@ -0,0 +1,33 @@
+From 7e15c982ba159a3747f0b622b50d1fbef155f7ea Mon Sep 17 00:00:00 2001
+From: dashnfschina <dash@nfschina.com>
+Date: Fri, 2 Aug 2024 02:54:23 -0400
+Subject: [PATCH] 1
+
+---
+ lib/gvc/gvconfig.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
+index d03de09..2f31b98 100644
+--- a/lib/gvc/gvconfig.c
++++ b/lib/gvc/gvconfig.c
+@@ -174,7 +174,6 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
+ {
+     char *package_path, *name, *api;
+     const char *type;
+-    api_t gv_api;
+     int quality;
+     int nest = 0;
+     gvplugin_package_t *package;
+@@ -189,7 +188,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
+         package = gvplugin_package_record(gvc, package_path, name);
+ 	do {
+ 	    api = token(&nest, &s);
+-	    gv_api = gvplugin_api(api);
++	    const api_t gv_api = gvplugin_api(api);
+ 	    do {
+ 		if (nest == 2) {
+ 		    type = token(&nest, &s);
+-- 
+2.18.2
+
diff --git a/graphviz.spec b/graphviz.spec
index fd6cd0d..7d8ad03 100644
--- a/graphviz.spec
+++ b/graphviz.spec
@@ -1,4 +1,4 @@
-%define anolis_release 2
+%define anolis_release 3
 %undefine _package_note_flags
 # temporal drop of PHP support due to https://gitlab.com/graphviz/graphviz/-/issues/2277
 %bcond_with php
@@ -145,6 +145,7 @@ Requires:		urw-base35-fonts
 Requires:		xorg-x11-fonts-ISO8859-1-100dpi
 Patch0:			graphviz-4.0.0-gvpack-neato-static.patch
 Patch1:			add-loongarch64-support-for-graphviz.patch
+Patch2:			graphviz-fix-CVE-2023-46045.patch
 
 %if ! %{JAVA}
 Obsoletes:              graphviz-java < %{version}-%{release}
@@ -656,6 +657,9 @@ php --no-php-ini \
 %endif
 
 %changelog
+* Fri Aug 02 2024 dash <dash@nfschina.com> - 8.0.5-3
+- fix CVE-2023-46045
+
 * Tue Oct 31 2023 Wenlong Zhang<zhangwenlong@loongson.cn> - 8.0.5-2
 - add loongarch64 support for graphviz
 
-- 
Gitee